inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

RM-2123 Don't create a user called system.

Browse Source 
Also add special check in clearance service that gives system user maximum
clearance.

+review RM-58

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@104480 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Tom Page
2015-05-19 09:57:02 +00:00
parent 62558fbbc1
commit 4d94c8b66b
9 changed files with 50 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/BootstrapImporterModuleComponent.java
View File

@@ -43,8 +43,8 @@ public class BootstrapImporterModuleComponent extends ImporterModuleComponent
/** record contributors group bootstrap component */
private RecordContributorsGroupBootstrapComponent recordContributorsGroupBootstrapComponent;
/** Clearances for special users bootstrap component. */
private ClearancesForSpecialUsersBootstrapComponent clearancesForSpecialUsersBootstrapComponent;
/** Clearance for admin bootstrap component. */
private ClearanceForAdminBootstrapComponent clearanceForAdminBootstrapComponent;
/**
* @param nodeService node service
@@ -71,12 +71,12 @@ public class BootstrapImporterModuleComponent extends ImporterModuleComponent
}
/**
* @param clearancesForSpecialUsersBootstrapComponent The bootstrap component that give the admin and system users
* the maximum clearance.
* @param clearanceForAdminBootstrapComponent The bootstrap component that give the admin user the maximum
* clearance.
*/
public void setClearancesForSpecialUsersBootstrapComponent(ClearancesForSpecialUsersBootstrapComponent clearancesForSpecialUsersBootstrapComponent)
public void setClearanceForAdminBootstrapComponent(ClearanceForAdminBootstrapComponent clearanceForAdminBootstrapComponent)
{
this.clearancesForSpecialUsersBootstrapComponent = clearancesForSpecialUsersBootstrapComponent;
this.clearanceForAdminBootstrapComponent = clearanceForAdminBootstrapComponent;
}
/**
@@ -94,7 +94,7 @@ public class BootstrapImporterModuleComponent extends ImporterModuleComponent
// Bootstrap creation of initial data.
recordContributorsGroupBootstrapComponent.createRecordContributorsGroup();
clearancesForSpecialUsersBootstrapComponent.createClearancesForSpecialUsers();
clearanceForAdminBootstrapComponent.createClearanceForAdmin();
// init module schema number
modulePatchExecuter.initSchemaVersion();

17
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearancesForSpecialUsersBootstrapComponent.java → rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/bootstrap/ClearanceForAdminBootstrapComponent.java
View File

@@ -22,19 +22,19 @@ import java.io.Serializable;
import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceBootstrap;
import org.alfresco.module.org_alfresco_module_rm.classification.model.ClassifiedContentModel;
import org.alfresco.module.org_alfresco_module_rm.patch.v30.RMv30ClearancesForSpecialUsers;
import org.alfresco.module.org_alfresco_module_rm.patch.v30.RMv30ClearanceForAdmin;
import org.alfresco.module.org_alfresco_module_rm.util.AuthenticationUtil;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.PersonService;
/**
* Provide the highest clearance to the admin and system users. This needs to be run once (either bootstrapped into a
* fresh system, or as part of an upgrade in {@link RMv30ClearancesForSpecialUsers}) per installation.
* Provide the highest clearance to the admin user. This needs to be run once (either bootstrapped into a
* fresh system, or as part of an upgrade in {@link RMv30ClearanceForAdmin}) per installation.
*
* @author tpage
*/
public class ClearancesForSpecialUsersBootstrapComponent implements ClassifiedContentModel
public class ClearanceForAdminBootstrapComponent implements ClassifiedContentModel
{
private AuthenticationUtil authenticationUtil;
private NodeService nodeService;
@@ -47,9 +47,9 @@ public class ClearancesForSpecialUsersBootstrapComponent implements ClassifiedCo
public void setClassificationServiceBootstrap(ClassificationServiceBootstrap classificationServiceBootstrap) { this.classificationServiceBootstrap = classificationServiceBootstrap; }
/**
* Give the admin and system users the maximum clearance.
* Give the admin user the maximum clearance.
*/
public void createClearancesForSpecialUsers()
public void createClearanceForAdmin()
{
// Ensure the classification levels are loaded before this patch runs. (Nb. This will result in the
// classification service bootstrap method being called twice on the start-up that includes this call).
@@ -57,11 +57,8 @@ public class ClearancesForSpecialUsersBootstrapComponent implements ClassifiedCo
Serializable mostSecureLevel = classificationServiceBootstrap.getClassificationLevelManager()
.getMostSecureLevel().getId();
String systemUserName = authenticationUtil.getSystemUserName();
NodeRef system = personService.getPerson(systemUserName);
nodeService.setProperty(system, PROP_CLEARANCE_LEVEL, mostSecureLevel);
String adminUserName = authenticationUtil.getAdminUserName();
NodeRef admin = personService.getPerson(adminUserName);
NodeRef admin = personService.getPerson(adminUserName, false);
nodeService.setProperty(admin, PROP_CLEARANCE_LEVEL, mostSecureLevel);
}
}

2
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearance.java
View File

@@ -39,7 +39,7 @@ public final class SecurityClearance implements Serializable
public SecurityClearance(final PersonInfo personInfo, final ClearanceLevel clearanceLevel)
{
Objects.requireNonNull(personInfo);
// Do not check the PersonInfo, as it may be null for the system user's SecurityClearance.
Objects.requireNonNull(clearanceLevel);
this.personInfo = personInfo;

11
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java
View File

@@ -72,13 +72,18 @@ public class SecurityClearanceServiceImpl extends ServiceBaseImpl implements Sec
}
/**
* Gets the users security clearnace.
* Gets the user's security clearance.
*
* @param userName user name
* @return {@link SecurityClearance} provides information about the user and their clearance level
* @param userName user name
* @return {@link SecurityClearance} provides information about the user and their clearance level
*/
private SecurityClearance getUserSecurityClearance(final String userName)
{
if (authenticationUtil.isRunAsUserTheSystemUser())
{
return new SecurityClearance(null, clearanceManager.getMostSecureLevel());
}
final NodeRef personNode = personService.getPerson(userName, false);
final PersonInfo personInfo = personService.getPerson(personNode);

14
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v30/RMv30ClearancesForSpecialUsers.java → rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v30/RMv30ClearanceForAdmin.java
View File

@@ -18,31 +18,31 @@
*/
package org.alfresco.module.org_alfresco_module_rm.patch.v30;
import org.alfresco.module.org_alfresco_module_rm.bootstrap.ClearancesForSpecialUsersBootstrapComponent;
import org.alfresco.module.org_alfresco_module_rm.bootstrap.ClearanceForAdminBootstrapComponent;
import org.alfresco.module.org_alfresco_module_rm.patch.AbstractModulePatch;
/**
* Patch to provide the highest clearance to the admin and system users.
* Patch to provide the highest clearance to the admin user.
*
* @author tpage
*/
public class RMv30ClearancesForSpecialUsers extends AbstractModulePatch
public class RMv30ClearanceForAdmin extends AbstractModulePatch
{
private ClearancesForSpecialUsersBootstrapComponent bootstrapComponent;
private ClearanceForAdminBootstrapComponent bootstrapComponent;
public void setBootstrapComponent(ClearancesForSpecialUsersBootstrapComponent bootstrapComponent)
public void setBootstrapComponent(ClearanceForAdminBootstrapComponent bootstrapComponent)
{
this.bootstrapComponent = bootstrapComponent;
}
/**
* Give the admin and system users the maximum clearance.
* Give the admin user the maximum clearance.
*
* @see org.alfresco.module.org_alfresco_module_rm.patch.AbstractModulePatch#applyInternal()
*/
@Override
public void applyInternal()
{
bootstrapComponent.createClearancesForSpecialUsers();
bootstrapComponent.createClearanceForAdmin();
}
}